AuthPoint Policies

One of the newest updates in AuthPoint allows you to create policies for access.  This allows you to control the type of multi-factor authentication requirements for different groups of users, based on the resource they are logging into.  You can also use the policies to set priorities on logins, based on their order.

Creating AuthPoint Policies

To manage AuthPoint policies, first log into https://cloud.watchguard.com.  Then access Configure > AuthPoint, and select Authentication Policies on the left.

If your AuthPoint was set up prior to the update of the policies section, you will see a pre-built list of access rules.  To create a new policy, click Add Policy at the top.

  • Give the policy a name

  • Set the Authentication options, and select what you want to allow. Your options are Password, Push, QR Code, and OTP (one-time password).

  • In the Groups section, determine what group you want to apply this to.

  • In the Resources option, select the resource that you are applying to.

Add Policy Form screen shot

Network Location

One of the options when setting up a policy is Network Locations.  This allows you to apply policies based on the location of the user.  As an example, you can set it so, while in the office, users aren’t required to use MFA.

In order to set this up, you must first create the network location.  Before creating the policy, navigate in WatchGuard Cloud to Configure > AuthPoint, and select Policy Objects on the left.  In the top drop-down, select Network Location and click the + to create the item. 

  • Name the object

  • Create the IP mask, and click Save.

Network Location Drop down menu

Once your object is created, you can attach it into a policy in the Policy Objects section.

Policy Objects section with Network Location policy object box